Ensure that RedHat/SUSE only use a distro install

Previously the 'distro' install method was implemented as the default for CentOS and SUSE, however, some remnants were left behind, making the configuration confusing and causing some issues due to the gpg verification on RedHat trying to use the RabbitMQ gpg check. Rather than try and keep the many confusing installation methods for these distributions, we simply remove the other options and all the config entries related to it. As part of this, we need to clean up the functional tests which previously implemented checks based on the 'file' install type which is no longer used by any distribution. Change-Id: I28199ce149f6893d688d11177ec950b17dbf0886
2018-11-07 13:45:40 +01:00 · 2018-11-07 13:45:40 +01:00 · cfc8423bfd
parent 95b298dcd1
commit cfc8423bfd
6 changed files with 11 additions and 243 deletions
--- a/defaults/main.yml
+++ b/defaults/main.yml
@ -51,19 +51,19 @@ rabbitmq_release_version: "{{ _rabbitmq_release_version }}"
 rabbitmq_package_sha256: "{{ _rabbitmq_package_sha256 }}"
 rabbitmq_package_path: "{{ _rabbitmq_package_path }}"

-rabbitmq_gpg_keys: "{{ _rabbitmq_gpg_keys }}"
+rabbitmq_gpg_keys: "{{ _rabbitmq_gpg_keys | default([]) }}"

 # Set the URL for the RabbitMQ repository
-rabbitmq_repo_url: "{{ _rabbitmq_repo_url }}"
+rabbitmq_repo_url: "{{ _rabbitmq_repo_url | default(null) }}"

 # Set the repo information for the RabbitMQ repository
-rabbitmq_repo: "{{ _rabbitmq_repo }}"
+rabbitmq_repo: "{{ _rabbitmq_repo | default({}) }}"

 # Set the URL for the Erlang repository
-rabbitmq_erlang_repo_url: "{{ _rabbitmq_erlang_repo_url }}"
+rabbitmq_erlang_repo_url: "{{ _rabbitmq_erlang_repo_url | default(null) }}"

 # Set the repo information for the Erlang repository
-rabbitmq_erlang_repo: "{{ _rabbitmq_erlang_repo }}"
+rabbitmq_erlang_repo: "{{ _rabbitmq_erlang_repo | default({}) }}"

 # Set the elang version used on the deployment
 rabbitmq_erlang_version_spec: "{{ _rabbitmq_erlang_version_spec | default(null) }}"
--- a/tasks/install_yum.yml
+++ b/tasks/install_yum.yml
@ -13,121 +13,11 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.

- block:
-    - name: Add rabbitmq gpg-keys
-      rpm_key:
-        state: present
-        key: "{{ item.keyserver }}/{{ item.key_name }}"
-      register: add_keys
-      until: add_keys is success
-      retries: 5
-      delay: 2
-      with_items: "{{ rabbitmq_gpg_keys }}"
-      tags:
-        - rabbitmq-gpg-keys
-
-  rescue:
-    - name: Add rabbitmq gpg-keys using fallback keyserver
-      rpm_key:
-        state: present
-        key: "{{ item.fallback_keyserver }}/{{ item.key_name }}"
-      register: add_keys_fallback
-      until: add_keys_fallback is success
-      retries: 5
-      delay: 2
-      with_items: "{{ rabbitmq_gpg_keys }}"
-      when:
-        - item.fallback_keyserver is defined
-      tags:
-        - rabbitmq-gpg-keys
-
+- name: Fail if installation method is not 'distro'
+  fail:
+    msg: "The only supported rabbitmq_install_method for RedHat is 'distro'."
  when: rabbitmq_install_method != 'distro'

- name: Install RabbitMQ yum mirror
-  yum_repository:
-    name: "{{ rabbitmq_repo.name }}"
-    file:  "{{ rabbitmq_repo.filename | default(omit) }}"
-    description: "{{ rabbitmq_repo.description | default(omit) }}"
-    baseurl: "{{ rabbitmq_repo.baseurl }}"
-    repo_gpgcheck: "{{ rabbitmq_repo.repo_gpgcheck | default(omit) }}"
-    gpgcheck: "{{ rabbitmq_repo.gpgcheck | default(omit) }}"
-    state: "{{ rabbitmq_repo.state }}"
-    gpgkey: "{{ rabbitmq_repo.gpgkey | default(omit) }}"
-    sslverify: "{{ rabbitmq_repo.sslverify | default(omit) }}"
-    sslcacert: "{{ rabbitmq_repo.sslcacert | default(omit) }}"
-  when:
-    - rabbitmq_install_method == 'external_repo'
-  tags:
-    - rabbitmq-repos
-
- name: Install erlang yum mirror
-  yum_repository:
-    name: "{{ rabbitmq_erlang_repo.name }}"
-    file:  "{{ rabbitmq_erlang_repo.filename | default(omit) }}"
-    description: "{{ rabbitmq_erlang_repo.description | default(omit) }}"
-    baseurl: "{{ rabbitmq_erlang_repo.baseurl }}"
-    repo_gpgcheck: "{{ rabbitmq_erlang_repo.repo_gpgcheck | default(omit) }}"
-    gpgcheck: "{{ rabbitmq_erlang_repo.gpgcheck | default(omit) }}"
-    state: "{{ rabbitmq_erlang_repo.state }}"
-    gpgkey: "{{ rabbitmq_erlang_repo.gpgkey | default(omit) }}"
-    sslverify: "{{ rabbitmq_erlang_repo.sslverify | default(omit) }}"
-    sslcacert: "{{ rabbitmq_erlang_repo.sslcacert | default(omit) }}"
-  when:
-    - rabbitmq_install_method == 'external_repo'
-  tags:
-    - rabbitmq-repos
-
- name: Enable and set erlang repo priority
-  command: |
-    yum-config-manager
-      --enable {{ item.name }}
-      --setopt="{{ item.name }}.priority={{ item.priority }}"
-  changed_when: false
-  when:
-    - rabbitmq_install_method != 'distro'
-  with_items:
-    - name: "{{ rabbitmq_repo.name }}"
-      priority: 40
-    - name: "{{ rabbitmq_erlang_repo.name }}"
-      priority: 40
-  tags:
-    - rabbitmq-repos
-
- name: Install yum versionlock plugin
-  package:
-    name: "yum-plugin-versionlock"
-    state: "{{ rabbitmq_package_state }}"
-  tags:
-    - rabbitmq-yum-packages
-
- name: Gather a list of the currently locked versions
-  command: yum versionlock list
-  args:
-    warn: no
-  register: yum_versionlock_list
-  tags:
-    - rabbitmq-yum-packages
-
- name: Lock package versions
-  shell: |
-    yum versionlock delete {{ item.pkg_name }}
-    yum versionlock add {{ item.pkg_spec }}
-  args:
-    warn: no
-  when:
-    - item.pkg_spec not in yum_versionlock_list.stdout
-  with_items:
-    - pkg_name: 'erlang'
-      pkg_spec: "{{ rabbitmq_erlang_version_spec }}"
-    - pkg_name: 'rabbitmq-server'
-      pkg_spec: "rabbitmq-server-{{ rabbitmq_release_version }}*"
-  tags:
-    - rabbitmq-yum-packages
-
-# NOTE(mhayden): With the version locks applied, this step will install
-# the correct version of RabbitMQ along with the correct version of the
-# all-in-one erlang package. Also, the version of dnf that comes with CentOS
-# 7 doesn't have version lock support, so we must use yum here.
 - name: Install RabbitMQ packages
  yum:
    name: "{{ rabbitmq_distro_packages }}"
@ -149,7 +39,7 @@
  # rabbitmq_install_method == 'distro'. However, the upstream package
  # does not contain a systemd file and as such we need to provide one.
  # This should be reverted once https://github.com/rabbitmq/rabbitmq-server-release/pull/31
-  # is merged and new builds of rabbimq-server are available.
+  # is merged and new builds of rabbitmq-server are available.
  tags:
    - rabbitmq-config

--- a/tasks/install_zypper.yml
+++ b/tasks/install_zypper.yml
@ -13,53 +13,11 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.

- name: Fail if installation method is set to 'external_repo' on openSUSE
+- name: Fail if installation method is not 'distro'
  fail:
-    msg: "rabbitmq_install_method='external_repo' is not supported on openSUSE"
-  when: rabbitmq_install_method == 'external_repo'
-
- block:
-    - name: Add rabbitmq gpg-keys
-      rpm_key:
-        state: present
-        key: "{{ item.keyserver }}/{{ item.key_name }}"
-      register: add_keys
-      until: add_keys is success
-      retries: 5
-      delay: 2
-      with_items: "{{ rabbitmq_gpg_keys }}"
-      tags:
-        - rabbitmq-gpg-keys
-
-  rescue:
-    - name: Add rabbitmq gpg-keys using fallback keyserver
-      rpm_key:
-        state: present
-        key: "{{ item.fallback_keyserver }}/{{ item.key_name }}"
-      register: add_keys_fallback
-      until: add_keys_fallback is success
-      retries: 5
-      delay: 2
-      with_items: "{{ rabbitmq_gpg_keys }}"
-      when:
-        - item.fallback_keyserver is defined
-      tags:
-        - rabbitmq-gpg-keys
+    msg: "The only supported rabbitmq_install_method for openSUSE is 'distro'."
  when: rabbitmq_install_method != 'distro'

-# NOTE(hwoarang) For the upgrade job we fetch the old version from upstream and the new one from OBS. zypper gets upset if you
-# get the updaded package during an update so you need to pass --force to actually force such a change. However, --force forces a
-# re-install independent of repo changes but it's not the end of the world.
- name: Install the RabbitMQ package RPM
-  zypper:
-    name: "{{ rabbitmq_package_path }}"
-    state: "{{ rabbitmq_package_state }}"
-  register: install_rabbitmq
-  tags:
-    - rabbitmq-package-rpm
-    - rabbitmq-zypper-packages
-  when: rabbitmq_install_method == 'file'
-
 - block:
  - name: Install the RabbitMQ package
    zypper:
@ -76,7 +34,6 @@
  tags:
    - rabbitmq-package-rpm
    - rabbitmq-zypper-packages
-  when: rabbitmq_install_method == 'distro'

 # NOTE(hwoarang) on openSUSE, rabbitmq-server depends on epmd.service which
 # depends on epmd.socket which runs on localhost. It is just easier to let
--- a/tests/test-rabbitmq-functional.yml
+++ b/tests/test-rabbitmq-functional.yml
@ -20,32 +20,6 @@
  gather_facts: true
  become: true
  tasks:
-
-    - name: Gather variables for each operating system
-      include_vars: "{{ item }}"
-      with_first_found:
-        - "{{ playbook_dir }}/../vars/{{ ansible_distribution | lower }}-{{ ansible_distribution_version | lower }}.yml"
-        - "{{ playbook_dir }}/../vars/{{ ansible_distribution | lower }}-{{ ansible_distribution_major_version | lower }}.yml"
-        - "{{ playbook_dir }}/../vars/{{ ansible_os_family | lower }}-{{ ansible_distribution_major_version | lower }}.yml"
-        - "{{ playbook_dir }}/../vars/{{ ansible_distribution | lower }}.yml"
-        - "{{ playbook_dir }}/../vars/{{ ansible_os_family | lower }}.yml"
-
-    - name: Set rabbitmq_package_url
-      set_fact:
-        rabbitmq_package_url: "{{ _rabbitmq_package_url }}"
-
-    - name: Set rabbitmq_package_version
-      set_fact:
-        rabbitmq_package_version: "{{ _rabbitmq_package_version }}"
-
-    - name: Set rabbitmq_release_version
-      set_fact:
-        rabbitmq_release_version: "{{ _rabbitmq_release_version }}"
-
-    - name: Set rabbitmq_install_method
-      set_fact:
-        rabbitmq_install_method: "{{ _rabbitmq_install_method }}"
-
    - name: Check rabbitmq is running
      command: "pgrep -f rabbit"
      delegate_to: "{{ item }}"
@ -102,12 +76,6 @@
          - hostvars['container1']['rabbitmq_ssl_cert_checksum'] == hostvars['container2']['rabbitmq_ssl_cert_checksum'] == hostvars['container3']['rabbitmq_ssl_cert_checksum']
          - hostvars['container1']['rabbitmq_ssl_key_checksum'] == hostvars['container2']['rabbitmq_ssl_key_checksum'] == hostvars['container3']['rabbitmq_ssl_key_checksum']

-    - name: Ensure expected version of rabbitmq is running
-      assert:
-        that: rabbitmqctl_status.stdout | search ("rabbit,\"RabbitMQ\",\"{{ _rabbitmq_release_version }}\"")
-      when:
-        - "rabbitmq_install_method == 'file'"
-
    - name: Get the policy list
      command: rabbitmqctl -q list_policies
      register: rabbitmq_policies_output
--- a/vars/redhat.yml
+++ b/vars/redhat.yml
@ -14,39 +14,6 @@
 # limitations under the License.

 _rabbitmq_install_method: distro
-_rabbitmq_package_url: "https://packagecloud.io/rabbitmq/rabbitmq-server/packages/el/7/rabbitmq-server-3.7.5-1.el7.noarch.rpm/download.rpm"
-_rabbitmq_package_version: "{{ rabbitmq_package_url.split('/')[-2].rsplit('.', 1)[0] }}"
-_rabbitmq_release_version: "{{ rabbitmq_package_version.split('-')[2] }}"
-_rabbitmq_package_sha256: "1a40596279f901e31d1ebc4f75b1360b603745f3bed79d4260f70a81db565f16"
-_rabbitmq_package_path: "/opt/rabbitmq-server.rpm"
-
-_rabbitmq_gpg_keys:
-  - key_name: 'rabbitmq-release-signing-key.asc'
-    keyserver: 'https://www.rabbitmq.com'
-  - key_name: 'gpgkey'
-    keyserver: 'https://packagecloud.io/rabbitmq/rabbitmq-server/'
-
-_rabbitmq_repo_url: "https://packagecloud.io/rabbitmq/rabbitmq-server/el/7/$basearch"
-_rabbitmq_repo:
-  name: rabbitmq_rabbitmq-server
-  description: "RabbitMQ Server Rolling Repository"
-  baseurl: "{{ rabbitmq_repo_url }}"
-  state: "present"
-  gpgkey: "https://packagecloud.io/rabbitmq/rabbitmq-server/gpgkey"
-  filename: RabbitMQ
-  # TODO(evrardjp) Move to ssl verify yes
-  #sslverify: no
-  #sslcacert: /etc/pki/tls/certs/ca-bundle.crt
-
-_rabbitmq_erlang_repo_url: "https://dl.bintray.com/rabbitmq/rpm/erlang/20/el/7"
-_rabbitmq_erlang_repo:
-  name: rabbitmq_els-erlang
-  description: "RabbitMQ Erlang Packages from Bintray"
-  baseurl: "{{ rabbitmq_erlang_repo_url }}"
-  state: "present"
-  filename: els-erlang
-
-_rabbitmq_erlang_version_spec: "erlang-20.3*"

 rabbitmq_distro_packages:
  - openssl
--- a/vars/suse.yml
+++ b/vars/suse.yml
@ -15,20 +15,6 @@

 _rabbitmq_install_method: distro

-# These are all here as alternative ways to get the required packages either by
-# installing the package directly or getting it from the CentOS mirror
-_rabbitmq_package_url: "https://packagecloud.io/rabbitmq/rabbitmq-server/packages/opensuse/{{ ansible_distribution_major_version }}/rabbitmq-server-3.7.5-1.suse.noarch.rpm/download.rpm"
-_rabbitmq_package_version: "{{ rabbitmq_package_url.split('/')[-2].rsplit('.', 1)[0] }}"
-_rabbitmq_release_version: "{{ rabbitmq_package_version.split('-')[2] }}"
-_rabbitmq_package_sha256: "58a1d5242c84cae1752f149eaf2f4d26d2d886eb5812c8eaf4c985494be2eabb"
-_rabbitmq_package_path: "/opt/rabbitmq-server.rpm"
-
-_rabbitmq_gpg_keys:
-  - key_name: 'rabbitmq-release-signing-key.asc'
-    keyserver: 'https://www.rabbitmq.com'
-  - key_name: 'erlang_solutions.asc'
-    keyserver: 'https://packages.erlang-solutions.com/ubuntu'
-
 rabbitmq_distro_packages:
  - rabbitmq-server
  - rabbitmq-server-plugins